Conversation

This Tweet is from a suspended account. Learn more
Neither of the devices is open hardware and neither has open firmware, despite misconceptions created by misleading marketing. The Librem 5 is deliberately locked down to prevent updating the firmware. Neither is close to the security requirements for official GrapheneOS support.
2
9
security features including the hardware-backed keystores used by the OS and apps, support for real verified boot and attestation, modern mitigations, proper IOMMU integration / setup for the components, hardware key derivation support, Wi-Fi anonymity beyond just MAC rand, etc.
3
7
The Librem 5 and Pinephone are closed hardware with closed firmware. The complexity in the entirely closed source SoC and other hardware components / firmware completely dwarfs the complexity in userspace libraries. You're also grouping things that are open source in with blobs.
2
You think wpa_supplicant and all of the other largely open source code in vendor is closed source? Lack of interest from people in building code from source let alone replacing the closed source components (many of which have working open source alternatives already) says a lot.
1
You're inaccurately treating the division of code into the vendor image as being based on open vs. closed source. It isn't and a device with fully open drivers has everything involved in device support contained to the vendor image. You're confusing Pixel issues with AOSP issues.
1
That code is not obfuscated and has debug symbols. You get all the function names, etc. even though you don't get the source code. It's not a black box. In reality it's not really any harder to inspect it for backdoors than any of the open source code. People don't do either.
1
Show replies